ioc[.]one - OSINT Cyber Threat Intelligence Database

Targeted Attack Leverages India-China Border Dispute

Tags

cmtmf-attack-pattern:	Masquerading Obfuscated Files Or Information
country:	China India
maec-delivery-vectors:	Watering Hole
attack-pattern:	Application Layer Protocol - T1437 Commonly Used Port - T1436 Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Obfuscated Files Or Information - T1406 Powershell - T1059.001 Rundll32 - T1218.011 Server - T1583.004 Server - T1584.004 Spearphishing Attachment - T1566.001 Spearphishing Attachment - T1598.002 Ssh - T1021.004 Steganography - T1001.002 Steganography - T1406.001 Steganography - T1027.003 Tool - T1588.002 Standard Application Layer Protocol - T1071 Commonly Used Port - T1043 Connection Proxy - T1090 Deobfuscate/Decode Files Or Information - T1140 Fallback Channels - T1008 Masquerading - T1036 Obfuscated Files Or Information - T1027 Powershell - T1086 Rundll32 - T1085 Spearphishing Attachment - T1193 User Execution - T1204 Commonly Used Port Masquerading Spearphishing Attachment Standard Application Layer Protocol User Execution

Show in Graph

Common Information

Type	Value
UUID	cf403c83-ffbd-4ba5-9687-971fcca3edb7
Fingerprint	c56297a290e6f5f
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 19, 2020, midnight
Added to db	Sept. 11, 2022, 12:35 p.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	Targeted Attack Leverages India-China Border Dispute to Lure Victims
Title	Targeted Attack Leverages India-China Border Dispute
Detected Hints/Tags/Attributes	78/4/35

Source URLs

	Redirection	Url
Details	Source	https://www.zscaler.com/blogs/research/targeted-attack-leverages-india-china-border-dispute-lure-victims

URL Provider

Details	Provider	Source level domain
Details	zscaler.com	www.zscaler.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	update.windows.microsoft.com
Details	Domain	1	userimage8.360doc.com
Details	Domain	1	360doc.com
Details	Domain	1	image91.360doc.com
Details	Domain	1	welcome.toutiao.com
Details	Domain	1	aliyun.cn.sr
Details	Domain	1	weathers.bing.com
Details	Domain	1	image.tencent.com
Details	File	1	tensions.doc
Details	File	1	avatar_32px.jpg
Details	File	380	notepad.exe
Details	File	1	weathers.bin
Details	File	21	%windir%\\syswow64\\rundll32.exe
Details	File	21	%windir%\\sysnative\\rundll32.exe
Details	md5	1	9c2ee383d235a702c5ad70b1444efb4d
Details	md5	1	db89750a7fab01f50b1eefaf83a00060
Details	md5	1	bd665cd2c7468002f863558dbe110467
Details	md5	1	d8aa162bc3e178558c8829df189bff88
Details	md5	1	6208516f759accb98f967ff1369c2f72
Details	md5	1	9632bec3bf5caa71d091f08d6701d5d8
Details	md5	1	a7662d43bb06f31d2152c4f0af039b6e
Details	md5	1	5cd9b0858b48d87b9622da8170ce8e5d
Details	IPv4	1	47.240.73.77
Details	IPv4	1	114.67.110.37
Details	IPv4	619	0.0.0.0
Details	MITRE ATT&CK Techniques	49	T1193
Details	MITRE ATT&CK Techniques	41	T1086
Details	MITRE ATT&CK Techniques	420	T1204
Details	MITRE ATT&CK Techniques	504	T1140
Details	MITRE ATT&CK Techniques	627	T1027
Details	MITRE ATT&CK Techniques	348	T1036
Details	MITRE ATT&CK Techniques	60	T1043
Details	MITRE ATT&CK Techniques	41	T1008
Details	MITRE ATT&CK Techniques	444	T1071
Details	Url	1	https://114.67.110.37/qbah.